diff options
Diffstat (limited to 'examples')
| -rwxr-xr-x | examples/browser-export.sh | 14 | ||||
| -rwxr-xr-x | examples/samizdat-init-key.sh | 5 |
2 files changed, 16 insertions, 3 deletions
diff --git a/examples/browser-export.sh b/examples/browser-export.sh index efb51de..a9173d8 100755 --- a/examples/browser-export.sh +++ b/examples/browser-export.sh | |||
| @@ -16,6 +16,16 @@ extract_public_key() | |||
| 16 | certutil -d sql:"$nssdb" -L -n "$name" -a | openssl x509 -pubkey -noout | 16 | certutil -d sql:"$nssdb" -L -n "$name" -a | openssl x509 -pubkey -noout |
| 17 | } | 17 | } |
| 18 | 18 | ||
| 19 | extract_private_key() | ||
| 20 | { | ||
| 21 | extract_certificate_and_private_key "$@" | openssl rsa -outform PEM | ||
| 22 | } | ||
| 23 | |||
| 24 | extract_certificate() | ||
| 25 | { | ||
| 26 | extract_certificate_and_private_key "$@" | openssl x509 | ||
| 27 | } | ||
| 28 | |||
| 19 | for nssdb in "$HOME/.pki/nssdb" "$HOME"/.mozilla/firefox/*; do | 29 | for nssdb in "$HOME/.pki/nssdb" "$HOME"/.mozilla/firefox/*; do |
| 20 | [ -d "$nssdb" ] || continue | 30 | [ -d "$nssdb" ] || continue |
| 21 | [ -e "$nssdb"/cert8.db -o -e "$nssdb"/cert9.db ] || continue | 31 | [ -e "$nssdb"/cert8.db -o -e "$nssdb"/cert9.db ] || continue |
| @@ -25,7 +35,9 @@ for nssdb in "$HOME/.pki/nssdb" "$HOME"/.mozilla/firefox/*; do | |||
| 25 | 35 | ||
| 26 | # certutil -d sql:"$nssdb" -K -n "$name" | 36 | # certutil -d sql:"$nssdb" -K -n "$name" |
| 27 | # extract_public_key "$nssdb" "$name" | 37 | # extract_public_key "$nssdb" "$name" |
| 28 | extract_certificate_and_private_key "$nssdb" "$name" | 38 | # extract_certificate_and_private_key "$nssdb" "$name" |
| 39 | extract_private_key "$nssdb" "$name" | ||
| 40 | extract_certificate "$nssdb" "$name" | ||
| 29 | 41 | ||
| 30 | done | 42 | done |
| 31 | done | 43 | done |
diff --git a/examples/samizdat-init-key.sh b/examples/samizdat-init-key.sh index 0bd7a32..1fde8d1 100755 --- a/examples/samizdat-init-key.sh +++ b/examples/samizdat-init-key.sh | |||
| @@ -1,4 +1,5 @@ | |||
| 1 | #!/bin/sh | 1 | #!/bin/sh |
| 2 | export GNUPGHOME=$ROOT/gpg/gnupghome | ||
| 2 | 3 | ||
| 3 | pem_to_onion_url() | 4 | pem_to_onion_url() |
| 4 | { | 5 | { |
| @@ -37,12 +38,12 @@ onion_url=$(pem_to_onion_url "$torkey") || exit | |||
| 37 | echo "$passphrase" | \ | 38 | echo "$passphrase" | \ |
| 38 | kiki --keypairs \ | 39 | kiki --keypairs \ |
| 39 | strongswan="$ROOT"/etc/ipsec.d/private/"$onion_url".pem{"$ssl"} \ | 40 | strongswan="$ROOT"/etc/ipsec.d/private/"$onion_url".pem{"$ssl"} \ |
| 40 | ssh-client="$ROOT$HOME"/.ssh/id_rsa{"$ssh"} \ | 41 | ssh-client="$ROOT"/root/.ssh/id_rsa{"$ssh"} \ |
| 41 | ssh-host="$ROOT"/etc/ssh/ssh_host_rsa_key{"$ssh"} \ | 42 | ssh-host="$ROOT"/etc/ssh/ssh_host_rsa_key{"$ssh"} \ |
| 42 | --passphrase-fd 0 || exit | 43 | --passphrase-fd 0 || exit |
| 43 | 44 | ||
| 44 | # Finally, export public keys if they do not exist. | 45 | # Finally, export public keys if they do not exist. |
| 45 | makepub ssh-client "$ROOT$HOME/.ssh/id_rsa.pub" | 46 | makepub ssh-client "$ROOT/root/.ssh/id_rsa.pub" |
| 46 | makepub ssh-host "$ROOT/etc/ssh/ssh_host_rsa_key.pub" | 47 | makepub ssh-host "$ROOT/etc/ssh/ssh_host_rsa_key.pub" |
| 47 | 48 | ||
| 48 | # TODO: makepub can be made obsolete by implementing something like this: | 49 | # TODO: makepub can be made obsolete by implementing something like this: |